Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2 advisories

Loading
Spring AI MCP Security: Unvalidated URL Fetching (SSRF) High
CVE-2026-45609 was published for org.springaicommunity:mcp-client-security (Maven) May 18, 2026
srikanthramu Credited to srikanthramu
MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *) Moderate
CVE-2026-34237 was published for io.modelcontextprotocol.sdk:mcp-core (Maven) Mar 30, 2026
srikanthramu Credited to srikanthramu
ProTip! Advisories are also available from the GraphQL API